@flowdesk/core 0.1.12 → 0.1.14

package/dist/planning-evidence-common.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"planning-evidence-common.d.ts","sourceRoot":"","sources":["../src/planning-evidence-common.ts"],"names":[],"mappings":"AAAA,OAAO,EAEN,KAAK,gBAAgB,EAKrB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,OAAO,EAAE,KAAK,gBAAgB,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAExE,eAAO,MAAM,mCAAmC,qIAMtC,CAAC;AAiBX,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzF;AAED,wBAAgB,+BAA+B,CAC9C,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,OAAO,EAAE,WAAW,CAAC,MAAM,CAAC,EAC5B,KAAK,EAAE,MAAM,GACX,MAAM,EAAE,CAIV;AAED,wBAAgB,mBAAmB,CAClC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,IAAI,EAAE,SAAS,MAAM,EAAE,EACvB,KAAK,EAAE,MAAM,GACX,MAAM,EAAE,CAIV;AAED,wBAAgB,wBAAwB,CACvC,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE;IAAE,UAAU,CAAC,EAAE,OAAO,CAAC;IAAC,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAAO,GACnE,gBAAgB,CAWlB;AAED,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,GAAG,gBAAgB,CAMzF;AAED,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,GAAG,gBAAgB,CAExF;AAED,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,GAAG,gBAAgB,CAEzF;AAED,wBAAgB,8BAA8B,CAC7C,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACd,gBAAgB,CAOlB;AAED,wBAAgB,8BAA8B,CAC7C,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACd,gBAAgB,CAOlB;AAED,wBAAgB,8BAA8B,CAC7C,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,KAAK,EAAE,MAAM,GACX,MAAM,EAAE,CAWV;AAED,wBAAgB,mCAAmC,CAClD,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,MAAM,GACX,gBAAgB,CAElB"}

package/dist/planning-evidence-common.js

@@ -0,0 +1,95 @@
+import { invalid, valid, validateNoForbiddenRawPayloads, validateOpaqueId, validateOpaqueRef, } from "./validators.js";
+export { invalid, valid } from "./validators.js";
+export const FLOWDESK_PLANNING_AUTHORITY_KEYS_V1 = [
+    "dispatch_authority_enabled",
+    "provider_call_made",
+    "runtime_execution",
+    "actual_lane_launch",
+    "write_authority_enabled",
+];
+const AUTHORITY_TRUE_KEYS = new Set([
+    ...FLOWDESK_PLANNING_AUTHORITY_KEYS_V1,
+    "realOpenCodeDispatch",
+    "providerCall",
+    "actualLaneLaunch",
+    "runtimeExecution",
+    "fallbackAuthority",
+    "toolAuthority",
+    "hardCancelOrNoReplyAuthority",
+    "fallback_allowed",
+    "reselection_allowed",
+]);
+const AUTHORITY_SMUGGLING_PATTERN = /\b(?:approve(?:d|s)?|approval|authorize(?:d|s)?|authorization|guard(?:ed)?\s+approval|dispatch(?:able|ed|es)?|dispatch\s*-?authority|real\s*-?(?:opencode\s*-?)?dispatch|provider\s*-?(?:call|payload|response)|runtime\s*-?execution|runtime[-_\s]*lane[-_\s]*launch|actual\s*-?lane\s*-?launch|lane\s*-?launch|fallback|reselection|reselect|retry\s+with\s+(?:another|different)|switch\s+(?:provider|model)|no\s*-?reply|hard\s*-?(?:cancel|stop)|opencode\s+run|hidden\s+injection)\b/i;
+export function isPlanningEvidenceRecord(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+export function rejectUnknownPlanningProperties(value, allowed, label) {
+    return Object.keys(value)
+        .filter((key) => !allowed.has(key))
+        .map((key) => `${label} has unknown property: ${key}`);
+}
+export function requirePlanningKeys(value, keys, label) {
+    return keys
+        .filter((key) => !(key in value))
+        .map((key) => `${label} missing required field: ${key}`);
+}
+export function validatePlanningSafeText(value, label, maxLength, options = {}) {
+    if (typeof value !== "string")
+        return invalid(`${label} must be a string`);
+    if (!options.allowEmpty && value.trim().length === 0)
+        return invalid(`${label} must be a non-empty string`);
+    if (value.length > maxLength)
+        return invalid(`${label} exceeds ${maxLength} chars`);
+    const redaction = validateNoForbiddenRawPayloads(value, label);
+    if (!redaction.ok)
+        return redaction;
+    if (!options.allowAuthorityWords && AUTHORITY_SMUGGLING_PATTERN.test(value)) {
+        return invalid(`${label} contains authority-smuggling language`);
+    }
+    return valid();
+}
+export function validatePlanningTimestamp(value, label) {
+    if (typeof value !== "string" || value.length === 0)
+        return invalid(`${label} must be a timestamp string`);
+    return Number.isFinite(Date.parse(value))
+        ? valid()
+        : invalid(`${label} must be a parseable timestamp`);
+}
+export function validatePlanningOpaqueId(value, label) {
+    return validateOpaqueId(value, label);
+}
+export function validatePlanningOpaqueRef(value, label) {
+    return validateOpaqueRef(value, label);
+}
+export function validatePlanningOpaqueRefArray(value, label, maxItems) {
+    if (!Array.isArray(value))
+        return invalid(`${label} must be an array`);
+    if (value.length > maxItems)
+        return invalid(`${label} exceeds ${maxItems} items`);
+    const errors = value.flatMap((item, index) => validateOpaqueRef(item, `${label}[${index}]`).errors);
+    return errors.length === 0 ? valid() : invalid(...errors);
+}
+export function validatePlanningSafeLabelArray(value, label, maxItems) {
+    if (!Array.isArray(value))
+        return invalid(`${label} must be an array`);
+    if (value.length > maxItems)
+        return invalid(`${label} exceeds ${maxItems} items`);
+    const errors = value.flatMap((item, index) => validatePlanningSafeText(item, `${label}[${index}]`, 120).errors);
+    return errors.length === 0 ? valid() : invalid(...errors);
+}
+export function validatePlanningAuthorityFalse(value, label) {
+    const errors = [];
+    for (const key of FLOWDESK_PLANNING_AUTHORITY_KEYS_V1) {
+        if (value[key] !== false)
+            errors.push(`${label}.${key} must be false`);
+    }
+    for (const [key, nested] of Object.entries(value)) {
+        if (AUTHORITY_TRUE_KEYS.has(key) && nested === true) {
+            errors.push(`${label}.${key} cannot be true`);
+        }
+    }
+    return errors;
+}
+export function validatePlanningNoForbiddenPayloads(value, label) {
+    return validateNoForbiddenRawPayloads(value, label);
+}

package/dist/planning-evidence-common.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"planning-evidence-common.js","sourceRoot":"","sources":["../src/planning-evidence-common.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,OAAO,EAEP,KAAK,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,iBAAiB,GACjB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,OAAO,EAAyB,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAExE,MAAM,CAAC,MAAM,mCAAmC,GAAG;IAClD,4BAA4B;IAC5B,oBAAoB;IACpB,mBAAmB;IACnB,oBAAoB;IACpB,yBAAyB;CAChB,CAAC;AAEX,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IACnC,GAAG,mCAAmC;IACtC,sBAAsB;IACtB,cAAc;IACd,kBAAkB;IAClB,kBAAkB;IAClB,mBAAmB;IACnB,eAAe;IACf,8BAA8B;IAC9B,kBAAkB;IAClB,qBAAqB;CACrB,CAAC,CAAC;AAEH,MAAM,2BAA2B,GAAG,6dAA6d,CAAC;AAElgB,MAAM,UAAU,wBAAwB,CAAC,KAAc;IACtD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC7E,CAAC;AAED,MAAM,UAAU,+BAA+B,CAC9C,KAA8B,EAC9B,OAA4B,EAC5B,KAAa;IAEb,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;SACvB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAClC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,0BAA0B,GAAG,EAAE,CAAC,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,mBAAmB,CAClC,KAA8B,EAC9B,IAAuB,EACvB,KAAa;IAEb,OAAO,IAAI;SACT,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC;SAChC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,4BAA4B,GAAG,EAAE,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,wBAAwB,CACvC,KAAc,EACd,KAAa,EACb,SAAiB,EACjB,UAAmE,EAAE;IAErE,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,mBAAmB,CAAC,CAAC;IAC3E,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC;QACnD,OAAO,OAAO,CAAC,GAAG,KAAK,6BAA6B,CAAC,CAAC;IACvD,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,YAAY,SAAS,QAAQ,CAAC,CAAC;IACpF,MAAM,SAAS,GAAG,8BAA8B,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC/D,IAAI,CAAC,SAAS,CAAC,EAAE;QAAE,OAAO,SAAS,CAAC;IACpC,IAAI,CAAC,OAAO,CAAC,mBAAmB,IAAI,2BAA2B,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC7E,OAAO,OAAO,CAAC,GAAG,KAAK,wCAAwC,CAAC,CAAC;IAClE,CAAC;IACD,OAAO,KAAK,EAAE,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,KAAc,EAAE,KAAa;IACtE,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAClD,OAAO,OAAO,CAAC,GAAG,KAAK,6BAA6B,CAAC,CAAC;IACvD,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC,CAAC,KAAK,EAAE;QACT,CAAC,CAAC,OAAO,CAAC,GAAG,KAAK,gCAAgC,CAAC,CAAC;AACtD,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,KAAc,EAAE,KAAa;IACrE,OAAO,gBAAgB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,KAAc,EAAE,KAAa;IACtE,OAAO,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,8BAA8B,CAC7C,KAAc,EACd,KAAa,EACb,QAAgB;IAEhB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,mBAAmB,CAAC,CAAC;IACvE,IAAI,KAAK,CAAC,MAAM,GAAG,QAAQ;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,YAAY,QAAQ,QAAQ,CAAC,CAAC;IAClF,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAC5C,iBAAiB,CAAC,IAAI,EAAE,GAAG,KAAK,IAAI,KAAK,GAAG,CAAC,CAAC,MAAM,CACpD,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,8BAA8B,CAC7C,KAAc,EACd,KAAa,EACb,QAAgB;IAEhB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,mBAAmB,CAAC,CAAC;IACvE,IAAI,KAAK,CAAC,MAAM,GAAG,QAAQ;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,YAAY,QAAQ,QAAQ,CAAC,CAAC;IAClF,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAC5C,wBAAwB,CAAC,IAAI,EAAE,GAAG,KAAK,IAAI,KAAK,GAAG,EAAE,GAAG,CAAC,CAAC,MAAM,CAChE,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,8BAA8B,CAC7C,KAA8B,EAC9B,KAAa;IAEb,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,GAAG,IAAI,mCAAmC,EAAE,CAAC;QACvD,IAAI,KAAK,CAAC,GAAG,CAAC,KAAK,KAAK;YAAE,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,GAAG,gBAAgB,CAAC,CAAC;IACxE,CAAC;IACD,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACnD,IAAI,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACrD,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,GAAG,iBAAiB,CAAC,CAAC;QAC/C,CAAC;IACF,CAAC;IACD,OAAO,MAAM,CAAC;AACf,CAAC;AAED,MAAM,UAAU,mCAAmC,CAClD,KAAc,EACd,KAAa;IAEb,OAAO,8BAA8B,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;AACrD,CAAC"}

package/dist/pre-dispatch-audit-record.js

@@ -58,4 +58,3 @@ export function validateFlowDeskPreDispatchAuditRecordV1(value) {
     errors.push(...validateNoForbiddenRawPayloads(value, "pre_dispatch_audit_record").errors);
     return errors.length === 0 ? valid() : invalid(...errors);
 }
-//# sourceMappingURL=pre-dispatch-audit-record.js.map

package/dist/production-approval-source.js

@@ -223,4 +223,3 @@ export function consumeFlowDeskProductionApprovalSourceV1(input) {
         ...disabledApprovalAuthority,
     };
 }
-//# sourceMappingURL=production-approval-source.js.map

package/dist/production-enablement.js

@@ -669,4 +669,3 @@ export function evaluateFlowDeskProductionEnablementV1(input) {
             : ["/flowdesk-doctor", "/flowdesk-status"],
     };
 }
-//# sourceMappingURL=production-enablement.js.map

package/dist/production-verification.js

@@ -123,4 +123,3 @@ export function validateFlowDeskConfiguredVerificationResultV1(value, expectedWo
         .errors);
     return errors.length === 0 ? valid() : invalid(...errors);
 }
-//# sourceMappingURL=production-verification.js.map

package/dist/provider-failures.js

@@ -113,4 +113,3 @@ export function getProviderFailureDiagnosticMappingsV1() {
 export function providerFailureClassIsDiagnosticOnlyV1(failureClass) {
     return failureClass !== "none";
 }
-//# sourceMappingURL=provider-failures.js.map

package/dist/provider-usage-collector.d.ts

@@ -60,6 +60,7 @@ export interface FlowDeskProviderUsageCollectorResultV1 {
     providerHealthSnapshot: FlowDeskProviderHealthSnapshotV1;
     usageAuthorityEvidence?: FlowDeskManagedDispatchBetaUsageAuthorityEvidenceV1;
     bucketSnapshot?: FlowDeskProviderUsageCollectorBucketSnapshotV1;
+    additionalSnapshots?: readonly FlowDeskUsageSnapshotV1[];
     redacted_reason?: string;
 }
 export declare function collectManagedDispatchBetaUsageEvidenceV1(target: FlowDeskProviderUsageCollectorTargetV1, acquisition: FlowDeskProviderUsageAcquisitionConfigV1 | undefined, options?: FlowDeskProviderUsageCollectorOptionsV1): Promise<FlowDeskProviderUsageCollectorResultV1>;

package/dist/provider-usage-collector.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"provider-usage-collector.d.ts","sourceRoot":"","sources":["../src/provider-usage-collector.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,mDAAmD,EACnD,gCAAgC,EAChC,uBAAuB,EACvB,cAAc,EACf,MAAM,yBAAyB,CAAC;AAEjC,KAAK,sBAAsB,GAAG,OAAO,CAAC,cAAc,EAAE,SAAS,GAAG,KAAK,CAAC,CAAC;AACzE,KAAK,uBAAuB,GAAG,OAAO,CAAC,sBAAsB,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC,CAAC;AAG/F,MAAM,WAAW,sCAAsC;IACrD,cAAc,EAAE,uBAAuB,CAAC;IACxC,wBAAwB,EAAE,MAAM,CAAC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,oBAAoB,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,MAAM,WAAW,wCAAwC;IACvD,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,SAAS,uBAAuB,EAAE,CAAC;IAC/C,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,uCAAuC;IACtD,UAAU,CAAC,EAAE,iCAAiC,CAAC;IAC/C,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACzC,KAAK,CAAC,EAAE,4BAA4B,CAAC;IACrC,QAAQ,CAAC,EAAE,+BAA+B,CAAC;IAC3C,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iCAAiC;IAChD,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,oCAAoC;IACnD,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACzB;AAED,MAAM,WAAW,mCAAmC;IAClD,MAAM,EAAE,KAAK,GAAG,MAAM,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,mCAAmC,KAAK,OAAO,CAAC,oCAAoC,CAAC,CAAC;AACrJ,MAAM,MAAM,+BAA+B,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,MAAM,CAAC;AAEvF,MAAM,WAAW,8CAA8C;IAC7D,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,WAAW,GAAG,cAAc,GAAG,SAAS,GAAG,OAAO,GAAG,kBAAkB,CAAC;CACtF;AAED,MAAM,WAAW,sCAAsC;IACrD,EAAE,EAAE,OAAO,CAAC;IACZ,WAAW,EAAE,iBAAiB,CAAC;IAC/B,aAAa,EAAE,uBAAuB,CAAC;IACvC,sBAAsB,EAAE,gCAAgC,CAAC;IACzD,sBAAsB,CAAC,EAAE,mDAAmD,CAAC;IAC7E,cAAc,CAAC,EAAE,8CAA8C,CAAC;IAChE,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAwDD,wBAAsB,yCAAyC,CAC7D,MAAM,EAAE,sCAAsC,EAC9C,WAAW,EAAE,wCAAwC,GAAG,SAAS,EACjE,OAAO,GAAE,uCAA4C,GACpD,OAAO,CAAC,sCAAsC,CAAC,CA+FjD"}
+{"version":3,"file":"provider-usage-collector.d.ts","sourceRoot":"","sources":["../src/provider-usage-collector.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,mDAAmD,EACnD,gCAAgC,EAChC,uBAAuB,EACvB,cAAc,EACf,MAAM,yBAAyB,CAAC;AAEjC,KAAK,sBAAsB,GAAG,OAAO,CAAC,cAAc,EAAE,SAAS,GAAG,KAAK,CAAC,CAAC;AACzE,KAAK,uBAAuB,GAAG,OAAO,CAAC,sBAAsB,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC,CAAC;AAG/F,MAAM,WAAW,sCAAsC;IACrD,cAAc,EAAE,uBAAuB,CAAC;IACxC,wBAAwB,EAAE,MAAM,CAAC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,oBAAoB,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,MAAM,WAAW,wCAAwC;IACvD,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,SAAS,uBAAuB,EAAE,CAAC;IAC/C,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,uCAAuC;IACtD,UAAU,CAAC,EAAE,iCAAiC,CAAC;IAC/C,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACzC,KAAK,CAAC,EAAE,4BAA4B,CAAC;IACrC,QAAQ,CAAC,EAAE,+BAA+B,CAAC;IAC3C,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iCAAiC;IAChD,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,oCAAoC;IACnD,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACzB;AAED,MAAM,WAAW,mCAAmC;IAClD,MAAM,EAAE,KAAK,GAAG,MAAM,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,mCAAmC,KAAK,OAAO,CAAC,oCAAoC,CAAC,CAAC;AACrJ,MAAM,MAAM,+BAA+B,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,MAAM,CAAC;AAEvF,MAAM,WAAW,8CAA8C;IAC7D,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,WAAW,GAAG,cAAc,GAAG,SAAS,GAAG,OAAO,GAAG,kBAAkB,CAAC;CACtF;AAED,MAAM,WAAW,sCAAsC;IACrD,EAAE,EAAE,OAAO,CAAC;IACZ,WAAW,EAAE,iBAAiB,CAAC;IAC/B,aAAa,EAAE,uBAAuB,CAAC;IACvC,sBAAsB,EAAE,gCAAgC,CAAC;IACzD,sBAAsB,CAAC,EAAE,mDAAmD,CAAC;IAC7E,cAAc,CAAC,EAAE,8CAA8C,CAAC;IAChE,mBAAmB,CAAC,EAAE,SAAS,uBAAuB,EAAE,CAAC;IACzD,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAqED,wBAAsB,yCAAyC,CAC7D,MAAM,EAAE,sCAAsC,EAC9C,WAAW,EAAE,wCAAwC,GAAG,SAAS,EACjE,OAAO,GAAE,uCAA4C,GACpD,OAAO,CAAC,sCAAsC,CAAC,CA8HjD"}

package/dist/provider-usage-collector.js

@@ -22,8 +22,10 @@ export async function collectManagedDispatchBetaUsageEvidenceV1(target, acquisit
         : refusedCollection(target.providerFamily, target.modelFamily, "provider usage acquisition is disabled");
     const bucket = collection.bucket;
     const resetAt = bucket?.resetAt;
-    const usageOk = bucket !== undefined && bucket.remaining !== null && bucket.remaining > 0 && resetAt !== undefined && bucket.uncertainty === "available";
-    const usageSnapshot = usageOk
+    const remaining = bucket?.remaining ?? null;
+    const usageKnown = bucket !== undefined && remaining !== null && resetAt !== undefined && bucket.uncertainty === "available";
+    const usageOk = usageKnown && remaining > 0;
+    const usageSnapshot = usageKnown
         ? {
             schema_version: "flowdesk.usage_snapshot.v1",
             snapshot_id: target.usageSnapshotId,
@@ -32,8 +34,8 @@ export async function collectManagedDispatchBetaUsageEvidenceV1(target, acquisit
             freshness: "fresh",
             freshness_ttl: ttlMinutes,
             reset_time: resetAt,
-            reset_bucket: bucket.resetBucket,
-            dispatchability: "dispatchable",
+            reset_bucket: remaining === 0 ? `0% ${bucket.resetBucket}` : bucket.resetBucket,
+            dispatchability: usageOk ? "dispatchable" : "non_dispatchable",
             uncertainty_flags: [],
             source_ref: target.sourceRef
         }
@@ -62,6 +64,28 @@ export async function collectManagedDispatchBetaUsageEvidenceV1(target, acquisit
             uncertainty: bucket.uncertainty
         }
         : undefined;
+    const additionalSnapshots = [];
+    for (const addBucket of collection.additionalBuckets ?? []) {
+        const addResetAt = addBucket.resetAt;
+        const addRemaining = addBucket.remaining;
+        const addKnown = addRemaining !== null && addResetAt !== undefined && addBucket.uncertainty === "available";
+        const addOk = addKnown && addRemaining > 0;
+        additionalSnapshots.push(addKnown
+            ? {
+                schema_version: "flowdesk.usage_snapshot.v1",
+                snapshot_id: `${target.usageSnapshotId}-${addBucket.resetBucket}`,
+                provider_family: target.providerFamily,
+                model_family: target.modelFamily,
+                freshness: "fresh",
+                freshness_ttl: ttlMinutes,
+                reset_time: addResetAt,
+                reset_bucket: addBucket.remaining !== null ? `${addBucket.remaining}% ${addBucket.resetBucket}` : addBucket.resetBucket,
+                dispatchability: addOk ? "dispatchable" : "non_dispatchable",
+                uncertainty_flags: [],
+                source_ref: target.sourceRef,
+            }
+            : unknownUsageSnapshot({ ...target, usageSnapshotId: `${target.usageSnapshotId}-${addBucket.resetBucket}` }, { ...collection, bucket: addBucket }, ttlMinutes));
+    }
     if (!usageOk || collection.authProfileRef === undefined || collection.authEvidenceRef === undefined || collection.credentialScopeRef === undefined || collection.accountBoundaryRef === undefined || collection.quotaEvidenceRef === undefined) {
         return {
             ok: false,
@@ -69,6 +93,7 @@ export async function collectManagedDispatchBetaUsageEvidenceV1(target, acquisit
             usageSnapshot,
             providerHealthSnapshot,
             ...(bucketSnapshot !== undefined ? { bucketSnapshot } : {}),
+            ...(additionalSnapshots.length > 0 ? { additionalSnapshots } : {}),
             redacted_reason: collection.redactedReason ?? "usage evidence is unavailable"
         };
     }
@@ -78,6 +103,7 @@ export async function collectManagedDispatchBetaUsageEvidenceV1(target, acquisit
         usageSnapshot,
         providerHealthSnapshot,
         ...(bucketSnapshot !== undefined ? { bucketSnapshot } : {}),
+        ...(additionalSnapshots.length > 0 ? { additionalSnapshots } : {}),
         usageAuthorityEvidence: {
             schema_version: "flowdesk.managed_dispatch_beta.usage_authority_evidence.v1",
             authority_ref: target.authorityRef,
@@ -135,7 +161,10 @@ async function collectClaudeUsage(acquisition, options, observedAt) {
             return refusedCollection("claude", "claude", "claude usage endpoint refused");
         const payload = JSON.parse(await response.text());
         const buckets = claudeOAuthBuckets(payload, observedAt, defaults());
-        return availableCollection("claude", "claude", "claude-oauth", "claude-oauth", firstDispatchableBucket(buckets) ?? buckets[0] ?? defaults()[0]);
+        const primaryBucket = firstDispatchableBucket(buckets) ?? buckets[0] ?? defaults()[0];
+        const additionalBuckets = buckets.filter((b) => b !== primaryBucket);
+        const collection = availableCollection("claude", "claude", "claude-oauth", "claude-oauth", primaryBucket);
+        return { ...collection, additionalBuckets };
     }
     catch {
         return refusedCollection("claude", "claude", "claude usage collection failed");
@@ -165,8 +194,11 @@ async function collectCodexUsage(acquisition, options, observedAt) {
         });
         if (!response.ok)
             return refusedCollection("openai", "gpt", "codex usage endpoint refused");
-        const bucketValue = codexLiveBucket(JSON.parse(await response.text()), observedAt);
-        return availableCollection("openai", "gpt", "codex-live", firstNonEmpty(accountId, "codex-account"), bucketValue);
+        const buckets = codexLiveBuckets(JSON.parse(await response.text()), observedAt);
+        const primaryBucket = firstDispatchableBucket(buckets) ?? buckets[0] ?? bucket("openai-gpt-5h", "%", null, undefined, "unknown");
+        const additionalBuckets = buckets.filter((b) => b !== primaryBucket);
+        const collection = availableCollection("openai", "gpt", "codex-live", firstNonEmpty(accountId, "codex-account"), primaryBucket);
+        return { ...collection, additionalBuckets };
     }
     catch {
         return refusedCollection("openai", "gpt", "codex usage collection failed");
@@ -180,20 +212,23 @@ async function collectGeminiUsage(acquisition, options, observedAt) {
         return refusedCollection("gemini", "gemini", "fetch is unavailable");
     const homeDir = normalizeHomeDir(acquisition.homeDir, options.env);
     const filesystem = options.filesystem ?? defaultFilesystem;
+    const openCodeCreds = readOpenCodeGeminiOAuthCredentials(homeDir, options.env, filesystem);
     const credsPath = geminiCredentialPaths(homeDir, options.env).find((candidate) => filesystem.exists(candidate));
-    if (!credsPath)
+    if (!credsPath && !openCodeCreds)
         return refusedCollection("gemini", "gemini", "gemini auth evidence is missing");
     try {
-        const creds = JSON.parse(filesystem.readFile(credsPath));
-        const credsRecord = isRecord(creds) ? creds : {};
-        const refreshToken = stringField(credsRecord, "refresh_token");
-        const cachedAccessToken = stringField(credsRecord, "access_token");
-        const cachedExpiryRaw = credsRecord.expiry_date;
-        const cachedExpiryMs = typeof cachedExpiryRaw === "number" ? cachedExpiryRaw : typeof cachedExpiryRaw === "string" ? Number.parseInt(cachedExpiryRaw, 10) : NaN;
+        const geminiCliCreds = credsPath ? readGeminiCliOAuthCredentials(credsPath, filesystem) : null;
+        const selectedCreds = selectGeminiOAuthCredentials(openCodeCreds, geminiCliCreds, observedAt);
+        if (!selectedCreds)
+            return refusedCollection("gemini", "gemini", "gemini auth evidence is missing");
+        const refreshToken = selectedCreds.refreshToken;
+        const cachedAccessToken = selectedCreds.accessToken;
+        const cachedExpiryMs = selectedCreds.expiresAt ?? NaN;
         const cachedTokenStillValid = cachedAccessToken !== "" && Number.isFinite(cachedExpiryMs) && cachedExpiryMs > observedAt + 5 * 60_000;
         const env = options.env ?? {};
-        const clientId = firstNonEmpty(acquisition.geminiOAuthClientId, env.FLOWDESK_GEMINI_OAUTH_CLIENT_ID);
-        const clientSecret = firstNonEmpty(acquisition.geminiOAuthClientSecret, env.FLOWDESK_GEMINI_OAUTH_CLIENT_SECRET);
+        const inferredClient = readOpenCodeGeminiAuthOAuthClient(homeDir, env, filesystem);
+        const clientId = firstNonEmpty(acquisition.geminiOAuthClientId, env.FLOWDESK_GEMINI_OAUTH_CLIENT_ID, inferredClient?.clientId);
+        const clientSecret = firstNonEmpty(acquisition.geminiOAuthClientSecret, env.FLOWDESK_GEMINI_OAUTH_CLIENT_SECRET, inferredClient?.clientSecret);
         let accessToken = "";
         if (cachedTokenStillValid) {
             accessToken = cachedAccessToken;
@@ -213,19 +248,101 @@ async function collectGeminiUsage(acquisition, options, observedAt) {
                 return refusedCollection("gemini", "gemini", "gemini oauth client evidence is missing and cached access token is expired");
             return refusedCollection("gemini", "gemini", "gemini token refresh failed");
         }
-        let projectId = firstNonEmpty(env.GOOGLE_CLOUD_PROJECT, env.GOOGLE_CLOUD_PROJECT_ID, acquisition.geminiProjectId);
+        let projectId = firstNonEmpty(env.GOOGLE_CLOUD_PROJECT, env.GOOGLE_CLOUD_PROJECT_ID, acquisition.geminiProjectId, selectedCreds.projectId);
         const details = await codeAssistPost("loadCodeAssist", { cloudaicompanionProject: projectId, metadata: { ideType: "IDE_UNSPECIFIED", platform: "PLATFORM_UNSPECIFIED", pluginType: "GEMINI", duetProject: projectId } }, accessToken, fetcher);
         projectId = firstNonEmpty(projectId, stringField(details, "cloudaicompanionProject"));
         if (!projectId)
             return refusedCollection("gemini", "gemini", "gemini project boundary is missing");
         const quota = await codeAssistPost("retrieveUserQuota", { project: projectId }, accessToken, fetcher);
-        const bucketValue = geminiQuotaBucket(quota, observedAt);
-        return availableCollection("gemini", "gemini", "gemini-code-assist", projectId, bucketValue);
+        const buckets = geminiQuotaBuckets(quota, observedAt);
+        const primaryBucket = firstDispatchableBucket(buckets) ?? firstKnownBucket(buckets) ?? buckets[0] ?? bucket("gemini-unknown-5h", "%", null, undefined, "unknown");
+        const additionalBuckets = buckets.filter((b) => b !== primaryBucket);
+        const collection = availableCollection("gemini", "gemini", "gemini-code-assist", projectId, primaryBucket);
+        return { ...collection, additionalBuckets };
     }
     catch {
         return refusedCollection("gemini", "gemini", "gemini usage collection failed");
     }
 }
+function readGeminiCliOAuthCredentials(credsPath, filesystem) {
+    try {
+        const creds = JSON.parse(filesystem.readFile(credsPath));
+        const record = isRecord(creds) ? creds : {};
+        const refreshToken = stringField(record, "refresh_token");
+        const accessToken = stringField(record, "access_token");
+        const expiryRaw = record.expiry_date;
+        const expiresAt = typeof expiryRaw === "number" ? expiryRaw : typeof expiryRaw === "string" ? Number.parseInt(expiryRaw, 10) : undefined;
+        if (!refreshToken && !accessToken)
+            return null;
+        return { accessToken, refreshToken, ...(expiresAt === undefined || !Number.isFinite(expiresAt) ? {} : { expiresAt }) };
+    }
+    catch {
+        return null;
+    }
+}
+function readOpenCodeGeminiOAuthCredentials(homeDir, env, filesystem) {
+    const fromEnv = authRecordFromOpenCodeAuthContent(env?.OPENCODE_AUTH_CONTENT);
+    if (fromEnv)
+        return fromEnv;
+    for (const authPath of openCodeAuthPaths(homeDir, env)) {
+        if (!filesystem.exists(authPath))
+            continue;
+        try {
+            const parsed = JSON.parse(filesystem.readFile(authPath));
+            const fromFile = authRecordFromOpenCodeAuthDatabase(parsed);
+            if (fromFile)
+                return fromFile;
+        }
+        catch { }
+    }
+    return null;
+}
+function authRecordFromOpenCodeAuthContent(value) {
+    if (!value)
+        return null;
+    try {
+        return authRecordFromOpenCodeAuthDatabase(JSON.parse(value));
+    }
+    catch {
+        return null;
+    }
+}
+function authRecordFromOpenCodeAuthDatabase(value) {
+    if (!isRecord(value))
+        return null;
+    return openCodeGeminiAuthRecordToCredentials(value.google) ?? openCodeGeminiAuthRecordToCredentials(value.gemini);
+}
+function openCodeGeminiAuthRecordToCredentials(value) {
+    if (!isRecord(value) || value.type !== "oauth")
+        return null;
+    const accessToken = stringField(value, "access");
+    const expiresAt = numberField(value, "expires");
+    const refresh = stringField(value, "refresh");
+    const [refreshToken = "", projectId = "", managedProjectId = ""] = refresh.split("|", 3);
+    if (!refreshToken && !accessToken)
+        return null;
+    return { accessToken, refreshToken, ...(expiresAt === undefined ? {} : { expiresAt }), ...(firstNonEmpty(projectId, managedProjectId) ? { projectId: firstNonEmpty(projectId, managedProjectId) } : {}) };
+}
+function selectGeminiOAuthCredentials(openCodeCreds, geminiCliCreds, observedAt) {
+    const candidates = [openCodeCreds, geminiCliCreds].filter((candidate) => candidate !== null);
+    const fresh = candidates.find((candidate) => candidate.accessToken && candidate.expiresAt !== undefined && candidate.expiresAt > observedAt + 5 * 60_000);
+    return fresh ?? candidates.find((candidate) => candidate.refreshToken) ?? candidates[0] ?? null;
+}
+function readOpenCodeGeminiAuthOAuthClient(homeDir, env, filesystem) {
+    for (const candidate of openCodeGeminiAuthPackageEntrypoints(homeDir, env)) {
+        if (!filesystem.exists(candidate))
+            continue;
+        try {
+            const source = filesystem.readFile(candidate);
+            const clientId = source.match(/GEMINI_CLIENT_ID\s*=\s*["']([^"']+)["']/)?.[1] ?? "";
+            const clientSecret = source.match(/GEMINI_CLIENT_SECRET\s*=\s*["']([^"']+)["']/)?.[1] ?? "";
+            if (clientId && clientSecret)
+                return { clientId, clientSecret };
+        }
+        catch { }
+    }
+    return null;
+}
 function availableCollection(providerFamily, modelFamily, authProfile, accountBoundary, providerBucket) {
     if (providerBucket.remaining === null || providerBucket.remaining <= 0 || providerBucket.uncertainty !== "available") {
         return { providerFamily, modelFamily, bucket: providerBucket, failureClass: "rate_limited", availabilityState: "unavailable", redactedReason: "usage is not available" };
@@ -276,12 +393,15 @@ function claudeUsageBucket(resetBucket, defaultBucket, value, observedAt) {
     const calculated = calculateRemainingUsagePercent({ utilizationPercent: numberField(rawBucket, "utilization"), resetAt: stringField(rawBucket, "resets_at"), observedAt, expiredResetBehavior: "reset_to_full" });
     return bucket(resetBucket, "%", calculated.remaining, calculated.reset_at, calculated.uncertainty);
 }
-function codexLiveBucket(payload, observedAt) {
+function codexLiveBuckets(payload, observedAt) {
     const record = isRecord(payload) ? payload : {};
     const rateLimitPayload = isRecord(record.rate_limit_status) ? record.rate_limit_status : record;
     const details = firstRecord(rateLimitPayload.rate_limit, record.rate_limit);
     const primary = firstRecord(details?.primary_window, details?.primary, details);
-    return codexRateLimitBucket("openai-gpt-5h", primary, observedAt);
+    const secondary = isRecord(details?.secondary_window) ? details.secondary_window : undefined;
+    const primaryBucket = codexRateLimitBucket("openai-gpt-5h", primary, observedAt);
+    const secondaryBucket = secondary !== undefined ? codexRateLimitBucket("openai-weekly", secondary, observedAt) : undefined;
+    return secondaryBucket !== undefined ? [primaryBucket, secondaryBucket] : [primaryBucket];
 }
 function codexRateLimitBucket(resetBucket, rateLimit, observedAt) {
     if (!rateLimit)
@@ -293,9 +413,9 @@ function codexRateLimitBucket(resetBucket, rateLimit, observedAt) {
     const calculated = calculateRemainingUsagePercent({ remainingPercent: reportedRemainingPercent, usedPercent, resetAtUnixSeconds: resetUnix, resetAfterSeconds, observedAt, expiredResetBehavior: "stale" });
     return bucket(resetBucket, "%", calculated.remaining, calculated.reset_at, calculated.uncertainty);
 }
-function geminiQuotaBucket(quota, observedAt) {
+function geminiQuotaBuckets(quota, observedAt) {
     const quotaBuckets = Array.isArray(quota.buckets) ? quota.buckets.filter(isRecord) : [];
-    let selected;
+    const selectedByBucket = new Map();
     for (const quotaBucket of quotaBuckets) {
         const tokenType = stringField(quotaBucket, "tokenType");
         if (tokenType && tokenType !== "REQUESTS")
@@ -315,20 +435,38 @@ function geminiQuotaBucket(quota, observedAt) {
                 resetBucket = "gemini-pro-weekly";
             }
             else {
-                resetBucket = "gemini-pro-5h";
+                resetBucket = "gemini-pro-daily";
             }
         }
         if (!resetBucket)
             continue;
         const remainingPercent = calculateRemainingUsagePercent({ remainingFraction: numberField(quotaBucket, "remainingFraction"), remainingAmount: stringField(quotaBucket, "remainingAmount"), resetAt: stringField(quotaBucket, "resetTime"), observedAt, expiredResetBehavior: "reset_to_full" });
         const candidate = bucket(resetBucket, "%", remainingPercent.remaining, remainingPercent.reset_at, remainingPercent.uncertainty);
-        if (selected === undefined || selected.remaining === null || (candidate.remaining !== null && candidate.remaining < selected.remaining))
-            selected = candidate;
+        const existing = selectedByBucket.get(resetBucket);
+        if (existing === undefined || existing.remaining === null || (candidate.remaining !== null && candidate.remaining < existing.remaining))
+            selectedByBucket.set(resetBucket, candidate);
     }
-    return selected ?? bucket("gemini-unknown-5h", "%", null, undefined, "unknown");
+    const buckets = [...selectedByBucket.values()].sort((a, b) => geminiBucketRank(a.resetBucket) - geminiBucketRank(b.resetBucket));
+    return buckets.length > 0 ? buckets : [bucket("gemini-unknown-5h", "%", null, undefined, "unknown")];
+}
+function geminiBucketRank(resetBucket) {
+    if (resetBucket === "gemini-pro-daily")
+        return 0;
+    if (resetBucket === "gemini-pro-weekly")
+        return 1;
+    if (resetBucket === "gemini-flash-daily")
+        return 2;
+    if (resetBucket === "gemini-flash-lite-daily")
+        return 3;
+    return 99;
 }
 function firstDispatchableBucket(buckets) {
-    return buckets.find((candidate) => candidate.remaining !== null && candidate.remaining > 0 && candidate.resetAt !== undefined && candidate.uncertainty === "available");
+    return buckets
+        .filter((candidate) => candidate.remaining !== null && candidate.remaining > 0 && candidate.resetAt !== undefined && candidate.uncertainty === "available")
+        .sort((a, b) => (a.remaining ?? Number.POSITIVE_INFINITY) - (b.remaining ?? Number.POSITIVE_INFINITY))[0];
+}
+function firstKnownBucket(buckets) {
+    return buckets.find((candidate) => candidate.remaining !== null && candidate.resetAt !== undefined && candidate.uncertainty === "available");
 }
 async function readClaudeOAuthCredentials(homeDir, filesystem, options) {
     const keychainCreds = readClaudeKeychainCredentials(options);
@@ -466,7 +604,7 @@ function calculateRemainingUsagePercent(input) {
     return { remaining: null, used: null, ...(resetAt ? { reset_at: resetAt } : {}), uncertainty: "unknown" };
 }
 function availableResult(remaining, used, resetAt) {
-    return { remaining, used, ...(resetAt ? { reset_at: resetAt } : {}), uncertainty: remaining > 0 ? "available" : "insufficient" };
+    return { remaining, used, ...(resetAt ? { reset_at: resetAt } : {}), uncertainty: "available" };
 }
 function resolveResetAt(input, observedAt) {
     if (typeof input.resetAt === "string" && input.resetAt.trim() !== "") {
@@ -493,6 +631,18 @@ function geminiCredentialPaths(homeDir, env) {
     const geminiHome = env?.GEMINI_CLI_HOME;
     return uniqueNonEmpty([geminiHome ? path.join(geminiHome, ".gemini", "oauth_creds.json") : undefined, geminiHome ? path.join(geminiHome, "oauth_creds.json") : undefined, path.join(homeDir, ".gemini", "oauth_creds.json")]);
 }
+function openCodeAuthPaths(homeDir, env) {
+    const dataHome = firstNonEmpty(env?.OPENCODE_DATA_DIR, env?.XDG_DATA_HOME ? path.join(env.XDG_DATA_HOME, "opencode") : undefined, path.join(homeDir, ".local", "share", "opencode"));
+    return uniqueNonEmpty([dataHome ? path.join(dataHome, "auth.json") : undefined]);
+}
+function openCodeGeminiAuthPackageEntrypoints(homeDir, env) {
+    const cacheHome = firstNonEmpty(env?.OPENCODE_CACHE_DIR, env?.XDG_CACHE_HOME ? path.join(env.XDG_CACHE_HOME, "opencode") : undefined, path.join(homeDir, ".cache", "opencode"));
+    return uniqueNonEmpty([
+        cacheHome ? path.join(cacheHome, "packages", "opencode-gemini-auth@latest", "node_modules", "opencode-gemini-auth", "dist", "index.js") : undefined,
+        cacheHome ? path.join(cacheHome, "packages", "opencode-gemini-auth@latest", "dist", "index.js") : undefined,
+        cacheHome ? path.join(cacheHome, "packages", "opencode-gemini-auth", "node_modules", "opencode-gemini-auth", "dist", "index.js") : undefined,
+    ]);
+}
 function claudeKeychainServiceName(env) {
     const configDir = env?.CLAUDE_CONFIG_DIR;
     const defaultService = configDir ? `Claude Code-credentials-${createHash("sha256").update(configDir).digest("hex").slice(0, 8)}` : "Claude Code-credentials";